DOCSLIB.ORG

Report Criminal Law in the Face of Cyberattacks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

APRIL 2021

REPORT

CRIMINAL LAW IN THE FACE OF CYBERATTACKS

Working group chaired by Bernard spitz, president of the international and Europe division of MEdEF, former president of the French insurance Federation (FFA)

General secretary: valérie Lafarge-sarkozy,

Lawyer, Partner with the law firm Altana

CRIMINAL LAW IN THE FACE
OF CYBERATTACKS

CLUB DES JURISTES REPORT

Ad hoc commission

APRIL 2021

4, rue de la Planche 75007 Paris
Phone: 01 53 63 40 04 www.leclubdesjuristes.com

Find us on

2

PREFACE

n the shadow of the global health crisis that has held the world in its grip since 2020, episodes of cyberattacks have multiplied. We should be careful not to see this as mere coincidence, an

I

unexpected combination of calamities that unleash themselves in a relentless series bearing no relation to one another. On the contrary, the major disruptions or transitions caused in our societies by the Covid-19 pandemic have been conducive to the growth of offences which, though to varying degrees rooted in digital, are also symptoms of contemporary vulnerabilities. The vulnerability of some will have been the psychological breeding ground for digital offences committed during the health crisis. In August 2020, the Secretary-General of Interpol warned of the increase in cyberattacks that had occurred a few months before, attacks “exploiting the fear and uncertainty caused by the unstable economic and social situation brought about by Covid-19”. People anxious about the disease, undermined by loneliness, made vulnerable by their distress – victims of a particular vulnerability, those

recurrent figures in contemporary criminal law – are the chosen victims

of those who excel at taking advantage of the credulity of others. During the spring 2020 lockdown, some hundred scams registered in France were committed online by individuals posing as business leaders selling stocks of masks. The digital world then has to settle for fending off contemporary examples of classic scam behaviour. The vulnerability of information systems is itself the offspring of digital. Successive lockdowns, by promoting teleworking, telemedicine and distance selling, down to what have become the most mundane acts of everyday life such as contactless payments, have helped to multiply the circumstances that can give rise to the commission of cyberattacks. The defence to these, here as elsewhere, relies on the impossibility of access. Alas! Pirated passwords, uncorrected vulnerabilities, simple human failures (such as inadvertently downloading a trojan) literally open the doors of computer systems.

What if all this revealed a structural vulnerability, that of our societies? Bound hand and foot to digital, contemporary societies draw from it what makes them both successful and fragile, in an edifying testimony to the ambivalence of digital. In fact, the Covid-19 pandemic has only exacerbated existing trends. For a long time now the risks of

cyberattacks have been well identified, even where they are not already

taking place. It should be recalled that the intangible dimension of cyberattacks does not mean they cannot attack, whether directly or indirectly, the bodily integrity or even the life of a person. In 2019, the US Department of Homeland Security warned of vulnerabilities in the radio

communication system of certain cardiac defibrillators: if malicious

3

persons took advantage of such vulnerabilities, they could cause the death of a patient. In Germany, a woman in a life-threatening emergency could not be operated on at a hospital because it was being targeted

by ransomware affecting around thirty of its servers: the woman died

while she was being transferred to another hospital, having been admitted too late. On a larger scale, the combination of cyberattacks

and terrorism represents “the” threat of the twenty-first century. In a configuration bringing the two together, “conventional” acts of terrorism

such as the killings at the Bataclan could be supported by cyberattacks,

for example targeting traffic-light systems: the key element being a total disruption of traffic, hampering the arrival of emergency and security

forces. A further step towards dematerialisation and, as cyber war already shows us (think of the hacking of Iran’s nuclear programme by

the Stuxnet virus attributed to the NSA, at any rate regarded as the first

cyber weapon), we need to keep in mind the spectre of cyberattacks on OVIs, operators of vital importance. But already the link between terrorism and cyberattacks is well established on another level. The

financial windfall which results from them, via ransoms or data sales,

helps to support terrorist funding networks. Individuals are paying a high price for these attacks, but also and above all businesses. As the prime targets of cyberattacks, businesses of all sizes need to prepare for them and know how to respond when an attack occurs. A comprehensive approach to this issue has been presented to Le Club des Juristes by Valérie Lafarge-Sarkozy, a lawyer and expert of the Club. A commission was set up under the chairmanship of Bernard Spitz, the Ad Hoc Commission on Cyber Risk, bringing together experts

from very different fields but whose areas of interest converge on

digital. First considering it in terms of risk, a collective reflection by a sub-committee tasked with considering the insurance implications of cyberattacks led to an initial report entitled “Insuring Cyber Risk”, published by Le Club des Juristes in January 2018. As a follow-up to this reflection, another sub-committee was appointed to consider the law enforcement component. Having completed its work, it is delivering this report on “Criminal law in the face of cyberattacks”. The editors of the report have brought all their experience to bear as professionals working closely with cyberattacks. Valérie Lafarge-Sarkozy and Laetitia Dage, lawyers, Myriam Quéméner, prosecutor (avocat général) at the Paris Court of Appeal and Anne Souvira, chief superintendent

(commissaire divisionnaire) and officer responsible for cybercrime issues at the office of the Paris Metropolitan Police Commissioner (préfet de

police de Paris), have shared their skills and experience in drawing up the report. This author has had the privilege of following its genesis and today has the pleasure of writing the preface.

4

In its first two parts, the report addresses substantive criminal law and criminal procedure. As regards the first, the reader will find an informative

presentation of the offences involved. Reviewing the conventional offences available (at least those which are of general application), the

report recalls that it is possible to call upon both those classified as

offences against property – theft and fraud – and offences against the person such as identity theft. Emphasis is also placed, of course, on

the more specific offences of attacks on automated data processing

systems (ADPS), combined with certain offences relating particularly to the processing of personal data. Hence a possible reversal in outlook is outlined, as businesses that are the victims of cyberattacks on their ADPS might themselves be liable for the inadequate protection of those systems. In the discussion of the offences, a call for caution should therefore be noted, which is explicitly expressed in developments designed to establish pre-emptive rules of e-governance for businesses. But when the damage is done, one must turn to the judicial response. The second part of the report offers this some very rich developments, highly practical in tone, which will be a very helpful guide for victims

of cyberattacks. The first two parts of the report are not only full of

various insights and advice, but also contain interviews with specialists, which give to the whole a resolutely practical and operational twist. But the report does not end there. As a conclusion, a third part offers

“10 recommendations for advancing the fight against cybercrime”. One

can only hope that these recommendations will be heard by the various institutions to which they are addressed. Might one dare to formulate an 11th, a recommendation that in fact simply translates what runs like a watermark through this report, namely that digital should not make

us forget basic common sense: discretion is the better part of valour –

even in digital, especially in digital.

Agathe Lepage

Professor at Université Panthéon-Assas (Paris II)

5

TAblE oF ConTEnTs

PREFACE

38

inTRoduCTion PART onE

LEGAL TREATMENT OF CYBERATTACKS AND ECONOMIC

  • AND SOCIAL CONSEQUENCES
  • 18

ChApTER I. :

Offences targeting automated data processing systems

  • (Adps)
  • 19

SECTION I ꢀꢀDefinition of adps and data processing

19

SECTION II The specific case of connected devices

20 21 25

SECTION III Different attacks on adps and

their punishment

SECTION Iv ꢀConsequences for businesses of attacks

on their adps

iv-1. "Theft" of personal data, industrial and

  • commercial secrets
  • 25

  • 26
  • iv-2. Financial and image consequences

iv-3. Risk of penalties in the event of failures

  • of security of ADPS
  • 28

33

SECTION v ꢀ The need to establish preventive rules

of e-governance within overall business risk management systems

ChApTER II. :

  • Traditional offences in cyberspace
  • 38

SECTION I ꢀ Damage to property

38

SECTION II Identity theft that damages the reputation

of a business

41

6

PART TWo

  • CYBERATTACK: WhAT JUDICIAL RESpONSE?
  • 45

ChApTER I. :

  • The players and their institutional framework
  • 46

46 46

SECTION I The french system

i-1. Specialisation of the investigative services

  • i-2. The specialisation of judges
  • 52

i-3. The role of the national agency for the security of information systems and the independent

  • administrative authorities
  • 56

SECTION II International police and judicial

cooperation

57

  • 57
  • ii-1. The players at european and international level

ii-2. Texts currently under discussion ii-3. the 2nd protocol to the Budapest convention
58 59

ChApTER II :

The implementation of criminal proceedings and the means

  • of evidence
  • 61

61

61

SECTION I ꢀꢀThe complaint

i-1. The filing of a complaint

i-2. The handling of a complaint i-3. The investigation
63 64

  • 64
  • i-4. Possible judicial follow-up to the investigation

SECTION II Evidence and its limitations

ii-1. Procedures for access to digital evidence
68 68

  • ii-2. Retention of data by operators
  • 70

  • 72
  • ii-3. Means of access to encrypted data

PART THREE

10 RECOMMENDATIONS FOR ADvANCING ThE FIGhT

  • AGAINST CYBERCRIME
  • 73

ComPosiTion oF THE Commission

82

7

InTRoDUCTIon

1. While cyberspace is a powerhouse of growth and innovation, it is also plagued by malevolent exploitation of its flaws and

vulnerabilities. This is the ambivalence of digital: both an economic

lever – a source of value and preservation of economic activity, as

we saw recently with the first health crisis in March 2020 – and

also a source of cybercrime, as the same health crisis revealed, with a considerable increase in attacks, remote working having become the source of 20% of cybercrime incidents.

In France, in 2018 80% of companies reported an incident of cybercrime1. In 2019 the rate rose to 90%, 43% relating to SMEs, and in 2020 the rate rose 4-fold, requiring President Macron on Thursday, February 18, 2021 to present his cyber-defence strategy in response to the exponential growth of threats and attacks.

2. Numerous international reports measure the direct and indirect costs of digital attacks. For example, in 2017 the overall cost was $600 billion. In 2018 the average cost per business was €8.6 million2 for French businesses and $27.4 million on average for US businesses.

The year 2019 confirmed the rise in indirect attacks exploiting

relationships between partners. Indeed, given the current maturity level of the ultimate targets, cybercriminals bypass them by attacking a partner/supplier of digital services, internet access, outsourcing companies, etc. The scope of the attack is thereby multiplied, and in 5-year forecasts, 23% of the cost of attacks could result from such attacks targeting third-party information systems in order to reach the real target.3

As for 2020, based on the first half of the year it will be a record

year in France with, for example, a 667% increase in phishing attacks recorded between 1 and 23 March.4 According to a report by VMware Carbon Black5, between February and March 2020 ransomware attacks increased by 148% worldwide, with one attack taking place every 14 seconds.

3. Globally, cybercrime is expected to cost businesses $6,000 billion annually from 2021.6

1. Report of the Ministry of the Interior "The state of the digital threat"

2. https://www.accenture.com/fr-fr/insights/security/etude-cout-du-cybercrime 3. https://www.accenture.com/fr-fr/insights/security/etude-cout-du-cybercrime 4. https://blog.barracuda.com/2020/03/26/threat-spotlight-coronavirus-related-phishing/ 5. https://www.carbonblack.com/blog/amid-covid-19-global-orgs-see-a-148-spike-in-ransomware-attacks- finance-industry-heavily-targeted/
6. Annual Report of Cybersecurity Ventures and Herjavec Group, 2019, https://www.herjavecgroup.com/ wp-content/uploads/2018/12/CV-HG-2019-Official-Annual-Cybercrime-Report.pdf

8

4. The risk/cost/gain ratio of cybercrime is very advantageous to offenders who can easily obtain online and on the darknet kits for around $5 that enable them to commit denial-of-service attacks, and use digital technology to industrialise and globalise their crimes.

Changes in working methods and the massive increase in teleworking have given them new and many opportunities. In the second half of 2020, the Zoom application therefore had to slow the development of its functionality in order to focus on its security,

in order to cope with the significant increase in the number of its

daily users from 10 million in December 2019 to over 200 million in March 2020.

FOCUS

INTERvIEW WITh GUILLAUME pOUpARD Director General of National Agency for the Security of Information Systems (ANSSI)

by Brigitte Bouquot, AMRAE and Valérie Lafarge-Sarkozy, Altana

-------

1/ The pandemic has increased digital use; has it developed the cyber threat?

The increase in the cyber threat is indeed very worrying, as the number of ransomware attacks handled by ANSSI increased 4-fold between 2019 and 2020, from 54 to 192. Since the beginning of 2021, this trend has not declined and we are constantly providing assistance to some 40 victims simultaneously. Victims of importance in terms of national, economic or health security…

It is true that the health situation is a slight aggravating factor in the cyber threat, in that it complicates the lives of defenders, but not necessarily those of attackers. But it is clear that the rapid growth of the cyber threat preceded the health crisis and that the underlying trend is extremely negative. When the health crisis stops, the cyber crisis will continue. It is essential to dissociate the two subjects and deal with the cyber subject that will concern us for the long term.

2/ Could you comment on President Macron’s announcements regarding the national cyber security strategy?

The strategy announced by the President has two components. A situational component linked to the cyberattacks that struck two healthcare institutions in quick succession in February, and

an economic component based on France’s desire significantly to

9

develop its industrial cyber-security ecosystem. This reflects both a strong concern for our society, under threat from cyberattacks, and also the need to enhance our industrial base to address the growing threat and assert our position as a major player in cyber security on the world stage. Indeed, we have many successful players in France which are investing heavily in cyber technology and are capable of providing trusted solutions to French, European and international stakeholders. At the international level, French solutions are

particularly sought after, for they are often hallmarks of confidence.

This represents real economic opportunities for French business.

The €1 billion is broken down into several major funding streams:

research funding, the future investment plan (plan d’investissement

d’avenir - PIA4), and France Recovery (France Relance), which

includes a €136 million package to strengthen the cybersecurity of public stakeholders in a sustainable way (hospitals, local authorities, central government).

The Cyber Campus announced, very symbolically by President

Emmanuel Macron, will also benefit from this funding. A true French

ambition held at the highest political level, this Campus will bring together large groups, SMEs, start-ups, researchers and authorities around cybersecurity projects. It may look heterogeneous, but in reality it is a true French team. The launch of such a Campus is a major step in our cyber strategy which includes a strong European dimension, which will culminate in the French Presidency of the Council of the European Union early in 2022.

3/ How can the development of a specific criminal component

reinforce the digital security policy conducted by ANSSI?

As a national authority, we cooperate with the investigation and intelligence agencies on a daily basis. We have developed a close collaboration with the intelligence agencies and investigation agencies (C3N, OCLCTIC, BL2C and DGSI) and the specialist cyber prosecution service (J3). There is a real convergence of views today on cyber issues within the State. ANSSI works very effectively with all these services to share its knowledge and methods. In future, it would help for information sharing between the intelligence and investigation agencies to be deepened further, as the sharing of

technical information is essential to the fight against the cyber

threat. International judicial cooperation is increasingly working to combat cybercrime. Recently we have had some real successes with, for example, the dismantling of the Emotet and Egregor networks.

These examples change the sense of fear that is around and deliver a positive message. International judicial cooperation is developing very clearly in Europe, but also with our Western allies and even

10

beyond. We all have an interest in reducing the number of places where cybercriminals can act and lurk.

4/ What are your digital security tips for business leaders?

Digital risk must be integrated into the overall risk management of each business. Business leaders need to use regulatory leverage and invest 5-10% of their IT budget in cyber security in order to build

efficient solutions. Our ecosystem of trusted providers, many of

whom have an ANSSI Security Visa, is able to support and advise businesses effectively. Better protection for our businesses will help to limit serious attacks, raise the level of cyber security and manage residual risk effectively, including the development of insurance mechanisms. It is essential for every business to use the levers that it has to secure itself and to be accountable for this so that everyone can continue to take full advantage of the opportunities of digital.

5. In this context it seemed necessary, for a proper understanding of this report and of the challenges of cyber security for businesses,

to begin by defining the concepts of cyberspace (i), cybercrime (ii), cyber security (iii) and cyber defence (iv):

(i) Cyberspace is a world of communication and sharing made up of infrastructures, networks and information systems (IS), as well as electronic communications, which are interconnected throughout the world, even in space. So it is an intangible space with no borders, which fuels debate about cooperation between States (e.g. in the search for digital evidence), which wield their sovereignty by complicating possible solutions at national and international levels. ANSSI ensures that European strategic autonomy in digital security is respectedꢀ7.

Recommended publications
  • Encrochatsure.Com

    Encrochatsure.Com

    EncroChatSure.com . Better Sure than sorry! EncroChat® Reference & Features Guide EncroChatSure.com 1 EncroChatSure.com . Better Sure than sorry! EncroChatSure.com . Better Sure than sorry! EncroChat® - Feature List 2 EncroChatSure.com . Better Sure than sorry! EncroChatSure.com . Better Sure than sorry! EncroChat® - The Basics Question: What are the problems associated with disposable phones which look like a cheap and perfect solution because of a number of free Instant Messaging (IM) apps with built-in encryption? Answer: Let us point to the Shamir Law which states that the Crypto is not penetrated, but bypassed. At present, the applications available on play store and Apple App store for Instant Messaging (IM) crypto are decent if speaking cryptographically. The problem with these applications is that they run on a network platform which is quite vulnerable. The applications builders usually compromise on the security issues in order to make their application popular. All these applications are software solutions and the software’s usually work with other software’s. For instance, if one installs these applications then the installed software interfere with the hardware system, the network connected to and the operating system of the device. In order to protect the privacy of the individual, it is important to come up with a complete solution rather than a part solution. Generally, the IM applications security implementations are very devastating for the end user because the user usually ignores the surface attacks of the system and the security flaws. When the user looks in the account, they usually find that the product is nothing but a security flaw.
  • Cybercrime Digest

    Cybercrime Digest

    Cybercrime Digest Bi-weekly update and global outlook by the Cybercrime Programme Office of the Council of Europe (C-PROC) 16 – 31 May 2021 Source: Council of E-evidence Protocol approved by Cybercrime Europe Convention Committee Date: 31 May 2021 “The 24th plenary of the Cybercrime Convention Committee (T-CY), representing the Parties to the Budapest Convention, on 28 May 2021 approved the draft “2nd Additional Protocol to the Convention on Cybercrime on Enhanced Co-operation and Disclosure of Electronic Evidence. […] Experts from the currently 66 States that are Parties to the Budapest Convention from Africa, the Americas, Asia-Pacific and Europe participated in its preparation. More than 95 drafting sessions were necessary to resolve complex issues related to territoriality and jurisdiction, and to reconcile the effectiveness of investigations with strong safeguards. […] Formal adoption is expected in November 2021 – on the occasion of the 20th anniversary of the Budapest Convention – and opening for signature in early 2022.” READ MORE Source: Council of GLACY+: Webinar Series to Promote Universality Europe and Implementation of the Budapest Convention on Date: 27 May 2021 Cybercrime “The Council of Europe Cybercrime Programme Office through the GLACY+ project and the Octopus Project, in cooperation with PGA's International Peace and Security Program (IPSP), are launching a series of thematic Webinars as part of the Global Parliamentary Cybersecurity Initiative (GPCI) to Promote Universality and Implementation of the Budapest Convention on Cybercrime and its Additional Protocol.” READ MORE Source: Europol Industrial-scale cocaine lab uncovered in Rotterdam Date: 28 May 2021 in latest Encrochat bust “The cooperation between the French National Gendarmerie (Gendarmerie Nationale) and the Dutch Police (Politie) in the framework of the investigation into Encrochat has led to the discovery of an industrial-scale cocaine laboratory in the city of Rotterdam in the Netherlands.
  • Technological Surveillance and the Spatial Struggle of Black Lives Matter Protests

    Technological Surveillance and the Spatial Struggle of Black Lives Matter Protests

    No Privacy, No Peace? Technological Surveillance and the Spatial Struggle of Black Lives Matter Protests Research Thesis Presented in partial fulfillment of the requirements for graduation with research distinction in the undergraduate colleges of The Ohio State University by Eyako Heh The Ohio State University April 2021 Project Advisor: Professor Joel Wainwright, Department of Geography I Abstract This paper investigates the relationship between technological surveillance and the production of space. In particular, I focus on the surveillance tools and techniques deployed at Black Lives Matter protests and argue that their implementation engenders uneven outcomes concerning mobility, space, and power. To illustrate, I investigate three specific forms and formats of technological surveillance: cell-site simulators, aerial surveillance technology, and social media monitoring tools. These tools and techniques allow police forces to transcend the spatial-temporal bounds of protests, facilitating the arrests and subsequent punishment of targeted dissidents before, during, and after physical demonstrations. Moreover, I argue that their unequal use exacerbates the social precarity experienced by the participants of demonstrations as well as the racial criminalization inherent in the policing of majority Black and Brown gatherings. Through these technological mediums, law enforcement agents are able to shape the physical and ideological dimensions of Black Lives Matter protests. I rely on interdisciplinary scholarly inquiry and the on- the-ground experiences of Black Lives Matter protestors in order to support these claims. In aggregate, I refer to this geographic phenomenon as the spatial struggle of protests. II Acknowledgements I extend my sincerest gratitude to my advisor and former professor, Joel Wainwright. Without your guidance and critical feedback, this thesis would not have been possible.
  • Creating a Total Army Cyber Force: How to Integrate the Reserve Component Into the Cyber Fight

    Creating a Total Army Cyber Force: How to Integrate the Reserve Component Into the Cyber Fight

    No. 103W SEPTEMBER 2014 Creating a Total Army Cyber Force: How to Integrate the Reserve Component into the Cyber Fight Christopher R. Quick Creating a Total Army Cyber Force: How to Integrate the Reserve Component into the Cyber Fight by Christopher R. Quick The Institute of Land Warfare ASSOCIATION OF THE UNITED STATES ARMY AN INSTITUTE OF LAND WARFARE PAPER The purpose of the Institute of Land Warfare is to extend the educational work of AUSA by sponsoring scholarly publications, to include books, monographs and essays on key defense issues, as well as workshops and symposia. A work selected for publication as a Land Warfare Paper represents research by the author which, in the opinion of ILW’s editorial board, will contribute to a better understanding of a particular defense or national security issue. Publication as an Institute of Land Warfare Paper does not indicate that the Association of the United States Army agrees with everything in the paper but does suggest that the Association believes the paper will stimulate the thinking of AUSA members and others concerned about important defense issues. LAND WARFARE PAPER NO. 103W, September 2014 Creating a Total Army Cyber Force: How to Integrate the Reserve Component into the Cyber Fight by Christopher R. Quick Lieutenant Colonel Christopher R. Quick is currently the J39 Information Operations Branch Chief for Special Operations Command Forward–West Africa in Kelly Barracks, Stuttgart, Germany. He previously served as the Information Operations Branch Chief and Director of Communication Synchronization for U.S. Army Cyber Command/Second Army at Fort Belvoir, Virginia.
  • Cyber Mission Analysis

    Cyber Mission Analysis

    UNCLASSIFIED//FOR OFFICIAL USE ONLY Cyber Mission Analysis Mission Analysis for Cyber Operations of Department of Defense Submitted in compliance with the reporting requirement contained in the Fiscal Year 2014 National Defense Authorization Act section 933(d), Public Law 113-66 Preparation of this study/report cost the Department of Defense approximately $587,000 for the 2014 Fiscal Year. This includes $15,000 in expenses and $572,000 in DoD labor Generated on 2014 August 21 RefID: E-0CD45F6 1 UNCLASSIFIED//FOR OFFICIAL USE ONLY UNCLASSIFIED//FOR OFFICIAL USE ONLY Table of Contents I. Executive Summary ............................................................................................................... 4 II. Current State .......................................................................................................................... 6 Threat Landscape ............................................................................................................. 6 Policies, Oversight, and Relationships ............................................................................. 6 Cyber Missions ................................................................................................................ 8 Operational Command & Control (C2) ......................................................................... 10 Resilience, Mission Assurance, and Continuity of Operations...................................... 10 Recruitment, Retention, Management, Equipping, and Training the Force .................. 10 III. Current
  • Shotgun Licence Change of Address West Yorkshire

    Shotgun Licence Change of Address West Yorkshire

    Shotgun Licence Change Of Address West Yorkshire Whole and significative Lovell never submerse his nereids! Sebastian is remittently called after anteorbital Fleming effervesce his toxoids maturely. Priest-ridden Zack expects some Rotorua after qualifiable Yaakov underdraws mutationally. Mailing Address P Police arrested four trout from Nelson and Augusta counties on. For strong new licence variation transfer or forward it will do store on the. Firearms Licensing DepartmentSouth Yorkshire Police HQCarbrook House5 Carbrook Hall. Half the sentence as be served on licence Sheffield Crown point was told. Their teams through organisational change build successful relationships with partners. A copy of your passport or driving licence small arms 190's you will receive gold what is cross the picture. Ralph christie over the confidential online at all his workers is highly effective time of change of shotgun licence address west yorkshire police action the chief of the morbid sense of the. At far West Yorkshire Police science in Wakefield Judith met with by new. Changes of name address or any contact information must be submitted using an amendment form. Category of Mental Illness According to federal law individuals cannot carry a gun if however court such other object has deemed them to mental defective or committed them involuntarily to acute mental hospital. To the designation of funny hot zone to head only suitably trained firearms officers can go. Documentation required for Reader Registration. Firearm Dealership Land Nomination Forms Notification of disease Transfer. Further delay of the west yorkshire police force the public engagement and supersede any measures as banking information to! On wix ads.
  • Perspectives on Building a Cyber Force Structure

    Perspectives on Building a Cyber Force Structure

    Permission to make digital or hard copies of all or parts of 163 this work for internal use within NATO and for personal or Conference on Cyber Conflict educational use not done for profit or commercial purpose Proceedings 2010 is granted providing that copies bear this notice and a full C. Czosseck and K. Podins (Eds.) citation on the first page. Any other reproduction or trans- CCD COE Publications, 2010, Tallinn, Estonia. mission requires prior written permission. PERSPECTIVES ON BUILDING A CYBER FORCE STRUCTURE Stuart STARRa,1, Daniel KUEHLb,2, Terry PUDASc,3 aCenter for Technology and National Security Policy (CTNSP), Washington, DC, USA biCollege of the NDU. Washington, DC, USA cCTNSP, NDU, Washington, DC, USA Abstract: This paper explores the US’s cyber force structure with special em- phasis on the cyber workforce. To achieve that goal, this paper addresses several issues: it characterizes the nature of the cyber security problem; it draws on insights from senior decision-makers to identify cyber force struc- ture needs; it characterizes current capabilities by summarizing the key ini- tiatives that are being pursued by the US Services and key joint activities; and it identifies a spectrum of actions to mitigate shortfalls in the existing cyber forces structure (i.e. education; higher education and recruitment; cer- tification, retention, professional development, and workforce management; exercises; and security clearance requirements). The paper concludes by iden- tifying actions that NATO might pursue to improve its cyber force structure (e.g. conduct realistic, stressful exercises) and by identifying residual issues to address (e.g. career progression; value of employing “patriotic hackers”).
  • Eurojust Report on Drug Trafficking – Experiences and Challenges in Judicial Cooperation

    Eurojust Report on Drug Trafficking – Experiences and Challenges in Judicial Cooperation

    Eurojust Report on Drug trafficking Experiences and challenges in judicial cooperation April 2021 Criminal justice across borders Eurojust Report on Drug Trafficking – Experiences and challenges in judicial cooperation Table of Contents Executive summary ................................................................................................................................ 2 1. Introduction ................................................................................................................................... 4 2. Scope and methodology ................................................................................................................. 4 3. Casework at a glance ...................................................................................................................... 6 4. Specific issues in international judicial cooperation on drug trafficking cases ................................... 7 4.1. New Psychoactive Substances and precursors .......................................................................... 7 4.2. Cooperation with third countries ........................................................................................... 10 4.2.1. Cooperation agreements ................................................................................................ 12 4.2.2. Eurojust’s network of Contact Points .............................................................................. 13 4.2.3. Countries without a formal form of cooperation ............................................................
  • Crisis on Impact: Responding to Cyber Attacks on Critical Information Infrastructures, 30 J

    Crisis on Impact: Responding to Cyber Attacks on Critical Information Infrastructures, 30 J

    The John Marshall Journal of Information Technology & Privacy Law Volume 30 Issue 1 2013 Article 3 2013 Crisis on Impact: Responding to Cyber Attacks on Critical Information Infrastructures, 30 J. Marshall J. Info. Tech. & Privacy L. 31 (2013) Eugenia Georgiades William Caelli Sharon Christensen W.D. Duncan Follow this and additional works at: https://repository.law.uic.edu/jitpl Part of the Computer Law Commons, Internet Law Commons, Privacy Law Commons, and the Science and Technology Law Commons Recommended Citation Eugenia Georgiades, William Caelli, Sharon Christensen & W.D. Duncan, Crisis on Impact: Responding to Cyber Attacks on Critical Information Infrastructures, 30 J. Marshall J. Info. Tech. & Privacy L. 31 (2013) https://repository.law.uic.edu/jitpl/vol30/iss1/3 This Article is brought to you for free and open access by UIC Law Open Access Repository. It has been accepted for inclusion in The John Marshall Journal of Information Technology & Privacy Law by an authorized administrator of UIC Law Open Access Repository. For more information, please contact [email protected]. CRISIS ON IMPACT: RESPONDING TO CYBER ATTACKS ON CRITICAL INFORMATION INFRASTRUCTURES EUGENIA GEORGIADES, WILLIAM J. CAELLI, SHARON CHRISTENSEN, & W.D. DUNCAN* ABSTRACT In the developing digital economy, the notion of traditional attack on enterprises of national significance or interest has transcended into different modes of electronic attack, surpassing accepted traditional forms of physical attack upon a target. The terrorist attacks that took place in the United States on September 11, 2001 demonstrated the physical devastation that could occur if any nation were the target of a large-scale terrorist attack.
  • Going Dark? Analysing the Impact of End-To-End Encryption on The

    Going Dark? Analysing the Impact of End-To-End Encryption on The

    Going dark? Analysing the impact of end-to-end encryption on the outcome of Dutch criminal court cases Pieter Hartel1 Rolf van Wegberg1 1{pieter.hartel,r.s.vanwegberg}@tudelft.nl April 15, 2021 Abstract Former US attorney general William Barr and law enforcement colleagues from other countries have published a statement on end-to-end encryption from which we quote: “while encryption is vital and privacy and cybersecurity must be protected, that should not come at the expense of wholly precluding law enforcement”. The main argument put forward by law enforcement is that end-to-end encryption (E2EE) hampers authorities prosecuting criminals who rely on encrypted communication - ranging from drug syndicates to child sexual abuse material (CSAM) platforms. This statement, however, is not supported by empirical evidence, and therefore not suitable as the sole basis of policymaking. That is why, in our work, we analyse public court data from the Netherlands to show to what extent law enforcement agencies and the public prosecution service are impacted by the use of E2EE in bringing cases to court and their outcome. Our results show that Dutch law enforcement appears to be as successful in prosecuting offenders who rely on encrypted communication as those who do not. In contrast to what the US attorney general wants us to believe, at least the prosecution of cases does not seem hampered by E2EE. 1 Introduction Article 19 of the Universal Declaration of Human Rights gives everyone the right to freedom of opinion and expression. Since 2011, this also covers the journalistic protection of sources [3].
  • Narita Bahra QC

    Narita Bahra QC

    Narita Bahra QC "Excellent advocate whether addressing jury on the facts or presenting legal arguments to the judge. Tireless worker and meticulous and diligent in preparation. Totally deserving of rank of Queens Counsel. Full of integrity. Great asset to the Bar." Legal 500 2021 Year of Call: 1997 QC: 2019 020 7353 5324 Narita is instructed to defend in high profile and heavyweight Crime and Business Crime cases. Her Crime practice includes murder, organised crime (including overseas drug cartels, firearms and armed robberies) terrorism and serious sexual offences. Her Business & Financial Crime practice includes cases involving fraud, tax evasion, money laundering and anti-competitive conduct (cartels, market abuse, insider dealing). Narita’s fearless and tenacious approach makes her widely sought after by professional and lay clients. She is recognised as Queen’s Counsel who can skilfully deal with the most difficult of cases. Her investigative approach results in leading her team to successful results. She has been instructed in a number of high-profile cases in which disclosure failings by prosecuting authorities have been unmasked. Four of these cases became the subject of review by the House of Commons Committee. In 2019 Narita’s cross examination resulted in exposure of significant disclosure failings and disqualification of an expert witness. The case attracted substantial media coverage. Narita is instructed in the ensuing appeals at the Court of Appeal. Narita’s appointment as Queen’s Counsel had an auspicious start; she was asked to carry a pair of white silk gloves to the Silks Ceremony, to mark the centenary of women being allowed to enter the legal profession.
  • April 2021 NATIONAL CRIME AGENCY

    April 2021 NATIONAL CRIME AGENCY

    NATIONAL CRIME AGENCY Annual Submission to the National Crime Agency Remuneration Review Body Joint Submission with the Home Office April 2021 Summary Pay Reform is a crucial part of the delivery of our strategy. Our ambition remains to build on the previous three years of our pay framework, to be able to benchmark our Officers pay with our comparator markets, so that we can attract and retain the skills we need to lead the fight against Serious and Organised Crime. As the Review Body will know, the Chancellor of the Exchequer announced on 25 November 2020 that pay rises in the public sector will be restrained and targeted in 2021/22 at the Spending Review. This pause was instituted as a result of the impacts of the Covid-19 pandemic on society and the economy. This means a full year of Pay Reform is not achievable in 21/22. The NCA worked on a number of proposals that can be implemented in future pay rounds from 2022/23 onwards. This year we are able to: Support progression of existing officers through the capability-based pay framework [our spot-rates]. Apply a £250 award for officers earning less than £24,000 full-time equivalent. Continue to apply our non-consolidated pay pot to target key areas of challenge on recruitment and retention. Whilst the Agency cannot implement new initiatives this year, we will continue to build our future pay strategy for our Officers, and will plan to implement these in 2022/23 onwards. 2 Chapter One Organisational Strategy This chapter sets out: The NCA’s mission, cross-cutting organisational priorities, and the organisation’s structure to deliver the same; How the NCA is leading the fight to cut Serious and Organised Crime; How the Agency is evolving to meet the changing nature of Serious and Organised Crime; and Our high-level financial position with specific respect to our pay proposals for 2021/22.